Cybersecurity company McAfee Labs has released its August 2019 threat report, which notes an increase in cryptojacking campaigns and ransomware attacks in Q1 2019.
Cryptojacking on the rise
McAfee Labs posted the report on the company’s website on Aug. 28. According to the report, cryptojacking — installing and running a cryptocurrency miner without user permission — has been on the rise, with a 29% increase in cryptojacking campaigns in Q1 2019. Additionally, the company discovered new malware families for both Microsoft Windows and Apple users. One cryptojacking campaign they discovered was PsMiner — a cryptojacker for …
Cybercriminals are now reportedly exploiting the known vulnerability CVE-2019-3396 in Confluence, a workspace productivity tool made by Atlassian, according to a report by security intelligence firm Trend Micro Inc. on May 7. The exploit that has been developed allows cybercriminals to stealthily install and run a Monero (XMR) miner on a vulnerable computer, and to cover up the mining activity by using a rootkit to hide the malware’s network activity and its toll on the host’s central processing unit (CPU). According to an Atlassian security advisory, the vulnerability in question only applies to some older versions of Confluence. The …
Hardware cryptocurrency wallet manufacturer Ledger has detected malware targeting its desktop application, according to a tweet on April 25. Ledger warned its users that the malware locally replaces the Ledger Live desktop app with a malicious one, and advised them to follow the security practices published on its blog. The company’s Twitter announcement specifically reads: “WARNING: we’ve detected a malware that locally replaces the Ledger Live desktop application by a malicious one. Users of infected computers are asked to enter their 24-word recovery phrase after a fake update.” In the comments to the post, Ledger revealed that the malware is infecting only …
Alleged North Korea-sponsored cybercrime group Lazarus is still targeting cryptocurrencies and adopting new tactics, according to a new report from cybersecurity and anti-virus company Kaspersky Lab published on March 26. The report reveals that the allegedly state-sponsored hacker group has been active with a new operation since last November, in which it uses PowerShell to manage and control Windows and macOS malware. The Lazarus team has reportedly developed custom PowerShell scripts that interact with malicious C2 servers and execute commands from the operator. The C2 server script names, in turn, are disguised as WordPress files, and other …
A new hacking tool is propagating throughout the online community in an attempt to install cryptocurrency mining malware, researchers at security intelligence firm Trend Micro confirmed in a blog post on Feb. 20. Detected at the end of January, the tool is a combination of extant threats which previously targeted Microsoft Windows users: MIMIKATZ and RADMIN. “Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory,” the blog post reads: “Initially appearing unrelated, analysis showed the final payload to be a Monero (XMR) cryptocurrency-mining …
Japanese multinational cybersecurity firm Trend Micro has detected a new strain of crypto-mining malware that targets PCs running Linux, according to a report published Nov. 8. The new strain reportedly uses a rootkit component to hide the malicious process that performs unauthorized cryptocurrency mining on users’ CPUs. The malware itself, detected by Trend Micro as Coinminer.Linux.KORKERDS.AB, is also reportedly capable of updating itself. According to the report, the combination of hiding and self-upgrading capabilities gives the malware a great advantage. While the rootkit fails to hide the increased CPU usage and the presence of running crypto-mining malware, it …
North Korean hackers have infected a cryptocurrency exchange with malware for both Windows and macOS, reportedly for the first time, Russian internet security company Kaspersky Lab announced Thursday, August 23. In Kaspersky’s report, the company reveals that the malware — dubbed “AppleJeus” — made its way into the systems of an unnamed exchange after an employee downloaded a “tainted” app. Kaspersky now believes the app came from a fake developer with fake security certificates in a major operation by North Korean hacker collective Lazarus Group. The malware aimed to steal cryptocurrency funds, Kaspersky claims, in what marks the latest in a …
Windows 10 could be a threat to Bitcoin users’ privacy; Genesis Mining leaves New York over BitLicense; Envestnet acquires Yodlee for US$590 million and more top stories for August 13.
Windows 10 could be a Serious Threat to Bitcoin Privacy
The recently unveiled Windows 10 could turn out to be a serious threat to Bitcoin users’ privacy. Apparently, traffic analysis done on the operating system has revealed that it enables unauthorized and continuous transmission of data from personal computers to external servers. If this is the case, then using Bitcoin through your device could expose your transactions to external surveillance. …